Post

Anotherctf

Posted
By Fate Walker
1 min read
Anotherctf
tryhackme nmap linux ciphey crypto

Recon

Nmap

1

User
  
1
2

www-data@ubuntu-bionic:/var/www/html$ cat /home/www-data/.../look.txt
Super Secure Password => ctfbros:WTBCT1dUQjFVR3hBZVZSb0lYTmpWR1kv

  
1
2
3

┌──(bravosec㉿fsociety)-[~/thm/AnotherCTF]
└─$ echo 'WTBCT1dUQjFVR3hBZVZSb0lYTmpWR1kv'|base64 -d|base64 -d
c@NY0uPl@yTh!scTf?

  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

┌──(bravosec㉿fsociety)-[~/thm/AnotherCTF]
└─$ rlwrap nc anotherctf.thm 8888
Username: ctfbros
Password: c@NY0uPl@yTh!scTf?
Authentication successful. Welcome!
Enter a command (list to show something, exit to quit): id
Invalid command. Try again.
Enter a command (list to show something, exit to quit): list
secret1
secret2
secret3
Enter a command (list to show something, exit to quit): secret1
ydLMriqVXnJiAb84Kiwv4tBfXLs1V65ndwtr3zCXMCPZcknHZnmscABg3HdScv7ovkoyCnxYSQDDvm43UUN
Enter a command (list to show something, exit to quit): secret3
There is a secret file on /tmp
Enter a command (list to show something, exit to quit): secret2
Ayo it's Trevohack!

Enter a command (list to show something, exit to quit): __import__('os').system('id')
Invalid command. Try again.

  
1
2
3
4
5
6
7

┌──(bravosec㉿fsociety)-[~/thm/AnotherCTF]
└─$ ciphey -t 'ydLMriqVXnJiAb84Kiwv4tBfXLs1V65ndwtr3zCXMCPZcknHZnmscABg3HdScv7ovkoyCnxYSQDDvm43UUN'
Possible plaintext: 'Hey John here is your recovered password youMe@nReversing123?' (y/N): y
╭─────────────────────────────────────────────────────────────────────────────────────────────╮
│ Formats used:                                                                               │
│    base58_bitcoinPlaintext: "Hey John here is your recovered password youMe@nReversing123?" │
╰─────────────────────────────────────────────────────────────────────────────────────────────╯

Root
Additional
  TryHackMe - Rooms
 This post is licensed under  CC BY 4.0  by the author.